package com.shiwaixiangcun.authz.oauth.validator;

import com.shiwaixiangcun.authz.oauth.OAuthTokenxRequest;
import com.shiwaixiangcun.authz.shiro.authc.OAuth2DynamicPasswordToken;
import org.apache.shiro.SecurityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.util.Set;

/**
 * Created by Administrator on 2017/5/19.
 */
public class DynamicPasswordClientDetailsValidator extends PasswordClientDetailsValidator {
    private static final Logger LOG = LoggerFactory.getLogger(DynamicPasswordClientDetailsValidator.class);


    public DynamicPasswordClientDetailsValidator(OAuthTokenxRequest oauthRequest) {
        super(oauthRequest);
    }

    @Override
    protected boolean invalidUsernamePassword() {
        final String username = tokenRequest.getUsername();
        final String password = tokenRequest.getPassword();
        final Set<String> scopes = oauthRequest.getScopes();
        try {
            SecurityUtils.getSubject().login(new OAuth2DynamicPasswordToken(username, password, scopes));
        } catch (Exception e) {
            e.printStackTrace();
            LOG.debug("Login failed by username: " + username, e);
            return true;
        }
        return false;
    }
}
